Docker Icon

Docker

Docker is a platform built for developers to build and run applications.
28 Stories
All Topics

The New Stack Icon The New Stack

New cryptojacking worm found in docker containers

Jack Wallen: A new cryptojacking worm, named Graboid, has been spread into more than 2,000 Docker hosts, according to the Unit 42 researchers from Palo Alto Networks. This is the first time such a piece of malware has spread via containers within the Docker Engine (specifically docker-ce). Scary stuff, and (at the moment) difficult to detect & prevent: We’ve reached a point with containers where security must be constantly on the front burner. Antivirus and anti-malware applications currently have no means of analyzing and cleaning containers and container images. That’s the heart of the issue. Graboid may be the first malware to target containers, but it certainly won’t be the last.

read more

Docker github.com

The lazier way to manage everything docker

Memorising docker commands is hard. Memorising aliases is slightly less hard. Keeping track of your containers across multiple terminal windows is near impossible. What if you had all the information you needed in one terminal window with every common command living one keypress away (and the ability to add custom commands as well). Lazydocker’s goal is to make that dream a reality.

read more

Ivan Velichko micromind.me

From Docker container to bootable Linux disk image

If you’d like to follow along with someone who “has no idea what they’re doing” to learn how to take a base Docker image made with a single line Dockerfile FROM debian:latest and convert it to something launch-able, then read on… …messing about with things like this is the only way to gain extra knowledge of any system internals. We are going to speak Docker and Linux here. What if we want to take a base Docker image, I mean really base, just an image made with a single line Dockerfile like FROM debian:latest, and convert it to something launchable on a real or virtual machine? In other words, can we create a disk image having exactly the same Linux userland a running container has and then boot from it?

read more

Liran Tal DEV.to

How to securely build Docker images for Node.js

Liran Tal: Developers, often lacking insights into the intricacies of Docker, may set out to build their Node.js-based docker images by following naive tutorials which lack good security approaches in how an image is built. One of these nuances is the use of proper permissions when building Docker images. To minimize exposure, opt-in to create a dedicated user and a dedicated group in the Docker image for the application; use the USER directive in the Dockerfile to ensure the container runs the application with the least privileged access possible.

read more

Y Combinator Icon Y Combinator

Docker Hub has been hacked

Attention Docker Hub users — Docker Hub has been hacked, so check your email to read the report from Kent Lamb, Director of Docker Support and take appropriate action. Here are the details… During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds. From lugg on Hacker News: If you got an email you should: Change your password on https://hub.docker.com Check https://github.com/settings/security Reconnect oAuth for automated builds Rollover effected passwords and API keys stored in private repos / containers

read more

Aymen Medium

The missing introduction to containerization

Containerization technologies are one of the trendiest topics in the cloud economy and the IT ecosystem. The container ecosystem can be confusing at times, this post may help you understand some confusing concepts about Docker and containers. We are also going to see how the containerization ecosystem evolved and the state of containerization in 2019. Put on your swimming suit, because this is a deep dive. 🏊‍♀️🏊

read more

Docker Blog Icon Docker Blog

Containerd graduated within the CNCF

Today containerd graduated within the CNCF to join the ranks of Kubernetes, Prometheus, Envoy, and CoreDNS as a “graduated” project in the CNCF. From Michael Crosby on the Docker blog: We are happy to announce that as of today, containerd, an industry-standard runtime for building container solutions, graduates within the CNCF. From Docker’s initial announcement that it was spinning out its core runtime to its donation to the CNCF in March 2017, the containerd project has experienced significant growth and progress over the last two years. The primary goal of Docker’s donation was to foster further innovation in the container ecosystem by providing a core container runtime that could be leveraged by container system vendors and orchestration projects such as Kubernetes, Swarm, etc.

read more

Snyk Icon Snyk

Top ten most popular docker images each contain at least 30 vulnerabilities

The adoption of application container technology is increasing at a remarkable rate and is expected to grow by a further 40% in 2020, according to 451 Research. It is common for system libraries to be available in many docker images, as these rely on a parent image that is commonly using a Linux distribution as a base. In many cases, remediation is as simple as rebuilding the image or swapping out the base image, but it’s not always that easy. Click through for more analysis and advice.

read more

 Itamar Turner-Trauring pythonspeed.com

10× faster database tests with Docker

Testing code that talks to the database can be slow. Fakes are fast but unrealistic. What to do? With a little help from Docker, you can write tests that run fast, use the real database, are easy to write and run. I tried Itamar’s technique on changelog.com’s test suite and the 679 tests complete in ~17 seconds. The same tests run directly against Postgres complete in ~12 seconds. A net loss for me, but that may have something to do with how Docker for Mac works? I’d love to hear other people’s experiences.

read more

Daniele Polencic learnk8s.io

What is Kubernetes?

In this highly visual and scroll friendly post from Daniele, you’ll follow the evolution of monolith, to components, to VMs, to today’s world of Kubernetes and cloud. Daniele writes: Kubernetes and Docker? What is the difference? Is it just a fad or are those two technologies here to stay? If you heard about the Docker and Kubernetes, but you aren’t sold on the idea and don’t see the point in migrating, this article is for you. 
Learn how you can leverage Kubernetes to reduce infrastructure costs and accelerate your software delivery.

read more

Docker github.com

Docker can't be downloaded without logging into Docker Store

750 downvotes and counting on the comment below from Joao Fernandes, the Docs Lead for Docker Enterprise Edition. I know that this can feel like a nuisance, but we’ve made this change to make sure we can improve the Docker for Mac and Windows experience for users moving forward. As far as I can tell, the docs don’t need changes, so I’ll close this issue, but feel free to comment. Lots of comments are stacking up on Hacker News too.

read more

Netflix Technology Blog Icon Netflix Technology Blog

Titus, the Netflix container management platform, is now open source

Is Netflix Titus open source yet? Yes. Titus powers critical aspects of the Netflix business, from video streaming, recommendations and machine learning, big data, content encoding, studio technology, internal engineering tools, and other Netflix workloads So, why is Netflix open sourcing Titus? …we’ve been asked over and over again, “When will you open source Titus?” It was clear that we were discussing ideas, problems, and solutions that resonated with those at a variety of companies, both large and small. We hope that by sharing Titus we are able to help accelerate like-minded teams, and to bring the lessons we’ve learned forward in the container management community. The question is, is it too late for Titus to gain traction in a world where Kubernetes has seemingly already won?

read more

Solomon Hykes Docker Blog

Solomon Hykes says au revoir to Docker

I found this section of the announcement insightful: Most ideas never materialize. Most software goes unused. Most businesses fail in their first year. Yet here we are, one of the largest open-source communities ever assembled, collectively building software that will run on millions of computers around the world. To know that your work was meaningful, and that a vibrant community of people will continue building upon it…. can any founder ask for anything more? Best of luck to you, Solomon. We’ll be waiting to see what you hack together next!

read more

Docker Blog Icon Docker Blog

Docker Compose and Kubernetes with Docker for desktop

Mike Coleman, Docker Technology Evangelist, writing on the Docker blog: If you’re running an edge version of Docker on your desktop (Docker for Mac or Docker for Windows Desktop), you can now stand up a single-node Kubernetes cluster with the click of a button. If you are running Docker for Mac or Docker for Windows, you now have a fully compliant Kubernetes cluster at your fingertips without installing any other tools.

read more

Docker blog.docker.com

Docker for Mac with Kubernetes

Docker for macOS makes it easy to have Docker containers running on your Mac in just a few minutes and now it has experimental Kubernetes support. We’re proud to announce that Docker for Mac with beta Kubernetes support is now publicly available as part of the Edge release channel. With this release you can now run a single node Kubernetes cluster right on your Mac and use both kubectl commands and docker commands to control your containers.

read more

0:00 / 0:00